Software terms of service and privacy policies explained

If you’re like most people, you don’t read the Terms of Service when you get a new app or buy a new device. That’s a big mistake, because a lot of apps on the market that are less-than-ideal, known as “grayware,” count on you allowing them access to your information. They know most people don’t read the Terms of Service, so their Terms of Service include language authorizing a massive invasion of your privacy. At the same time, you might have noticed that most Terms of Service is just boilerplate. How do you read the Terms of Service and find out what you need to know about privacy without wasting a bunch of time reading standard terminology?

The Privacy Policy Is the Most Important

When it comes to maintaining the security and integrity of your data, the only thing that you really need to read is the privacy policy contained in the Terms of Service. A lot of the rest will not be necessary to protecting your data. So when you start looking at your terms of service, you can skip right to the privacy policy and begin reading there.

Now comes your second problem. For the most part, Terms of Service are written in legalese. They can be difficult, even for people used to reading such documents, to fully understand. So how do you decipher a privacy policy?

Every privacy policy basically consists of six different parts.

The “notice” section tells you what information will be collected and how it will be used. This is, in some ways, the most important part of any privacy policy.

The “security” section is also important, as it tells you what the company is doing to secure the data it obtains from you.

“Access” and “onward transfer” clauses will explain who can access your data and who, if anyone and under what circumstances the data is shared with.

Note that a reputable company wants their privacy policy to be as transparent as possible, while also adhering to the letter of the law. On the other hand, companies that might be looking to take advantage of you will make their privacy policies needlessly complicated.

What To Look For in a Privacy Policy

Since there are as many privacy policies as there are companies on the Internet, it’s difficult to drill down too directly on what exactly will be in a privacy policy. However, some things to look for when you’re reading a privacy policy include:

An explicit list of what data is being collected from you. Companies generally have to collect some kind of data from you in order for their products to work. They should say exactly what data they are collecting.

A list of who they are sharing your information with and why. The language here will generally be vague -- i.e., “third parties.” That’s fine, but under what circumstances do they share your data? Do they only share with companies that have security policies and under the course of normal business? If there aren’t any clauses explaining who these third parties are and when they share your data, that can be a huge red flag.

The privacy policy should include language about how they are protecting your data. This will generally include some explanation of how the data is stored. If this part of the privacy party is missing or lacking, look for a competing piece of software or hardware.

When in doubt, don’t be afraid to email customer service and start asking questions. Companies that are more reputable are more likely to answer your questions promptly.

The problem in a lot of cases isn’t that that company in question wants to do anything nefarious with your data. It’s just that they’re not taking your Internet security and privacy seriously enough. That can be just the kind of lax security that sets them -- and you -- up for a major breach.

Isn't it time to upgrade your security?

Upgrading to new devices and software can often mean downgrading your privacy and security. It’s time to take your security seriously. Download the full version of Norton Security Deluxe free for 30 days, and test-drive it on up to 5 of your devices – PCs, Macs, smartphones or tablets.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.